mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
core: fix crash in parsing of SocketBind{Allow,Deny}=
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33876.
This commit is contained in:
parent
73e799387f
commit
cc87b3f68f
@ -5670,11 +5670,11 @@ int config_parse_cgroup_socket_bind(
|
||||
void *data,
|
||||
void *userdata) {
|
||||
_cleanup_free_ CGroupSocketBindItem *item = NULL;
|
||||
const char *address_family = NULL, *user_port;
|
||||
const char *user_port;
|
||||
uint16_t nr_ports = 0, port_min = 0;
|
||||
CGroupSocketBindItem **head = data;
|
||||
_cleanup_free_ char *word = NULL;
|
||||
int af = AF_UNSPEC, r;
|
||||
int af, r;
|
||||
|
||||
if (isempty(rvalue)) {
|
||||
cgroup_context_remove_socket_bind(head);
|
||||
@ -5684,29 +5684,40 @@ int config_parse_cgroup_socket_bind(
|
||||
r = extract_first_word(&rvalue, &word, ":", 0);
|
||||
if (r == -ENOMEM)
|
||||
return log_oom();
|
||||
|
||||
if (rvalue)
|
||||
address_family = word;
|
||||
|
||||
if (address_family) {
|
||||
if (streq(address_family, "IPv4"))
|
||||
af = AF_INET;
|
||||
else if (streq(address_family, "IPv6"))
|
||||
af = AF_INET6;
|
||||
else
|
||||
return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||
"Only IPv4 or IPv6 protocols are supported, ignoring");
|
||||
if (r <= 0) {
|
||||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||
"Unable to parse %s= assignment, ignoring: %s", lvalue, rvalue);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (rvalue) {
|
||||
if (streq(word, "IPv4"))
|
||||
af = AF_INET;
|
||||
else if (streq(word, "IPv6"))
|
||||
af = AF_INET6;
|
||||
else {
|
||||
log_syntax(unit, LOG_WARNING, filename, line, 0,
|
||||
"Only IPv4 and IPv6 protocols are supported, ignoring.");
|
||||
return 0;
|
||||
}
|
||||
|
||||
user_port = rvalue;
|
||||
} else {
|
||||
af = AF_UNSPEC;
|
||||
user_port = word;
|
||||
}
|
||||
|
||||
user_port = rvalue ?: word;
|
||||
if (!streq(user_port, "any")) {
|
||||
uint16_t port_max;
|
||||
|
||||
r = parse_ip_port_range(user_port, &port_min, &port_max);
|
||||
if (r == -ENOMEM)
|
||||
return log_oom();
|
||||
if (r < 0)
|
||||
return log_warning_errno(r, "Invalid port or port range, ignoring: %m");
|
||||
if (r < 0) {
|
||||
log_syntax(unit, LOG_WARNING, filename, line, r,
|
||||
"Invalid port or port range, ignoring: %m");
|
||||
return 0;
|
||||
}
|
||||
|
||||
nr_ports = 1 + port_max - port_min;
|
||||
}
|
||||
|
BIN
test/fuzz/fuzz-unit-file/oss-fuzz-33876
Normal file
BIN
test/fuzz/fuzz-unit-file/oss-fuzz-33876
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user